NYS Social Services Law (SOS) § 363-d and Title 18 of the New York Codes, Rules and Regulations (Subpart 521) require CDPHP and its Medicaid participating providers to implement and maintain effective compliance programs at detecting fraud, waste, and abuse in the NYS Medicaid program. Please see 18 NYCRR Part 521 Fraud, Waste and Abuse Prevention for additional information about this requirement.
What should a provider’s compliance program include?
A compliance program should be well-integrated into the provider’s operations and supported by the highest levels of the organization, promote adherence to the required provider’s legal and ethical obligations, and be designed and implemented to prevent, detect, and correct non-compliance with Medicaid program requirements. At a minimum, it must have the following seven elements:
-
Written policies and procedures
-
The designation of a compliance officer and compliance committee
-
Compliance training and education
-
Lines of communication to the provider's compliance officer or compliance function
-
Disciplinary policies to encourage good faith participation in the compliance program
-
Auditing and monitoring compliance risk areas and
-
Responding to compliance issues
How do providers submit a compliance certification?
A provider can record (and attest) to having an effective compliance program as part of their annual Certification Statement for Provider Billing Medicaid. This certification occurs on or around the anniversary date of the provider's enrollment in Medicaid. Providers must submit a copy of their compliance certification to CDPHP. The regulation requires CDPHP’s Medicaid network providers and certain other parties to provide CDPHP with a copy of the certification statement submitted annually to Medicaid for billing purposes.
When CDPHP executes an agreement with a provider to participate in our Medicaid network we will require a copy of this certification. This will also be required from all Medicaid participating providers annually. To submit a copy of your attestation to CDPHP, please send a copy to OMIGCERT@cdphp.com.
Additional guidance and information on these compliance requirements can be found on the OMIG website.